<?php
/**
* Author: Porlock
* Link: www.porlockz.com
* Date: 2018-04-16 19:26:02
* Last Modified time: 2018-04-16 20:06:53
* Use：发布公告
*/
session_start();
require_once ('../init.php');
require_once ('includes/lib/func_rightCtrl.php');
require_once ('includes/lib/func_admin.php');
// 权限控制
admin_rightCtrl();
if($_SESSION['level'] == 0){
	require_once ('includes/views/root_header.php');
}
elseif ($_SESSION['level'] == 1) {
	require_once ('includes/views/admin_header.php');
}
if (@$_GET['action'] == ''){
	echo <<<EOT
		<div class="container">
		<link href="/afctf/css/announce.css" rel="stylesheet" type="text/css" media="all"/>
			<form class="layui-form main" method='POST' action='/afctf/admin/announcement.php?action=deal'>
				<blockquote class="layui-elem-quote">公告发布</blockquote>
				<div class="layui-form-item" style="margin-top:30px;margin-bottom:30px">
					<label class="layui-form-label">公告标题</label>
					<div class="layui-input-block">
						<input name="an_title" type="text" required  lay-verify="required" placeholder="请输入公告标题" autocomplete="off" class="layui-input">
					</div>
				</div>
				<div class="layui-form-item layui-form-text" style="margin-top:30px;margin-bottom:30px">
					<label class="layui-form-label">公告内容</label>
					<div class="layui-input-block">
						<textarea name="an_content" placeholder="请输入公告内容" class="layui-textarea"></textarea>
					</div>
				</div>
				<div style="text-align:center;margin-left:auto; margin-right:auto;">
		            <input class="submit layui-btn" type="submit"  value="提交">
		        </div>
			</form>
		</div>
		<script type="text/javascript">
			$("#a_home").removeClass("active");
			$("#a_announcement").addClass("active");
		</script>
EOT;
}
elseif (@$_GET['action'] == 'deal') {
	$announcementurl = '/afctf/admin/announcement.php';
	$title = $_POST['an_title'];
	$content = $_POST['an_content'];
	// 转义
	$title = htmlentities($title,ENT_QUOTES);
	$content = htmlentities($content,ENT_QUOTES);
	
	$content = preg_replace("/\r\n/",'<br>',$content);
	$time = date("m-d H:i:s");
	//将数据存入数据库
	$query = "INSERT INTO `announcement` (`time`,`title`,`content`) VALUES (:time,:title,:content)";
    $sth = $dbh->prepare($query);
    $sth -> bindParam(":time",$time);
    $sth -> bindParam(":title",$title);
    $sth -> bindParam(":content",$content);
    $sth -> execute();
    msg_display('公告发布成功','success',$announcementurl);
}
require_once ('includes/views/footer.php');
?>